How to bypass the password protection of the official #Aadhaar #android #app in 1 minute.
For this attack, the attacker need a physical access to the phone, rooted phone is not needed and yes this is the latest version of the app.
cc @uidai @ceo_uidaipic.twitter.com/7aZ0fvr0Wv
-
-
come on I can also hack
@facebook by tampering their APK

This is not a hack 
-
Please show me how you “hack” the Facebook app. After that I will be very happy to discuss with you
-
By modifying the APK's XML to *exported=true* ! Oh come on. This is lame as it gets


-
Ok, show me how you bypass the Facebook login why changing exported to true. Trolling is easy, give proofs instead...And by the way this is not the only modification I made in this app
-
So you modify apk, resign it, and claim this a "HACK" ?
-
Where did you HACK in my tweets? I’m still waiting your proofs
New conversation -
-
-
You would need unlocked physical access and adb enabled. With that access you could break (nearly) any android app (decompile / mod / recompile). How is this really an issue?
-
If you think like this, security in Android apps is not needed as you have set a lock screen (which is by the way not the case of everybody)...
-
I get that. What I'm trying to say is "what could aadhaar do to prevent this?". With that level of access you can modify any app. If I give you my wallet, you can take my ID. How is this any different?
End of conversation
New conversation -
-
-
Can I find the mod apk at http://apk-mod.net ?


-
It’s only on my computer for the moment :)
-
Brace yourselves, another article about
@UIDAI hack will be on our news apps in a while.
End of conversation
New conversation -
-
-
If the APK is tampered then how can it be counted in vulnerability as we can break almost any app by tempering the APK and physical access to the phone via ADB shell

-
Exactly
End of conversation
New conversation -
-
-
Please hack Apollo hospital network... and release the cctv videos of jayalalitha,Chief minister of Tamil nadu... Who is believed to be killed by apollo hospitals(popular belief)... If u r really an expert hacker!! Take this as a personal challenge
- 1 more reply
New conversation -
-
-
How is
@ceo_uidai responsible if someone allows access to their phone?? And APK tampering is a hack but not a vulnerability. You cannot call reverse engineering a vulnerability.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Can you tell if you changed the exported value from the manifest.xml?
-
If you did, the attack scenario is too complicated. 1) One has to have physical access to the phone 2) One has to uninstall the mAadhaar app which was installed from Play Store. 3) Sign the tampered app and install it in the device. By this time, the data already would be gone
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.